Rails 5.0.0.1, 4.2.7.2, and 3.2.22.3 have been released!
These release contain important security fixes, so please upgrade when you can.

Versions 5.0.0.1, 4.2.7.2, and 3.2.22.3 contain a fix for [CVE-2016-6316](https://groups.google.com/forum/#!topic/ruby-security-ann/8B2iV2tPRSE) which you can read about [here](https://groups.google.com/forum/#!topic/ruby-security-ann/8B2iV2tPRSE).
Version 4.2.7.2 also contains [CVE-2016-6317](https://groups.google.com/forum/#!topic/ruby-security-ann/WccgKSKiPZA) which you can read about [here](https://groups.google.com/forum/#!topi

I would like to announce that Rails 3.2.21, 4.0.12, and 4.1.8 have been released. These releases contain a security fix where the existence of arbitrary files on the file system can be leaked, but the contents of the file **will not** be leaked. The issue generally only impacts people who are using Rails to serve static assets, and will generally not impact people who use a proxy to serve static assets. This issue is similar to CVE-2014-7818, but is slightly different.

I would like to announce that Rails 3.2.20, 4.0.11, 4.1.7, and 4.2.0.beta3 have been released. These releases contain a security fix where the existence of arbitrary files on the file system can be leaked, but the contents of the file **will not** be leaked. The issue generally only impacts people who are using Rails to serve static assets, and will generally not impact people who use a proxy to serve static assets. You can read more about the issue [here (CVE-2014-7818)](https://groups.google.com/forum/#!topic/rubyonrails-security/dCp7duBiQgo).

Rails 3.2.15.rc1 has been released. Please help us test the release
candidate before we do the actual release. If you find any regressions
between 3.2.14 and the 3.2.15 release candidate, please report them
here:

If you plan to attend, please add yourself to the wiki. If there is
anything you would like to discuss, please add it to the wiki as well.
Adding redmine links to your agenda item is very helpful, so if there is
a redmine ticket, please add it.

This is related to #8658. `mach_absolute_time` will give us a monotonic clock on OS X. I'm not sure if this fits in to `clock_gettime`, so I've added a new function for getting the absolute time and another function for converting the absolute time to nanoseconds.

A special syntax for string literals which would create frozen strings was
proposed. The new syntax would be something like `%f{ ... }` and `%F{ ... }`.
An alternative syntax using a suffix notation like `"..."f` or `%q(...)o` was
proposed. Matz was positive about adding this type of feature, but not sure
about specific notation, whether to have the `%f` syntax, a suffix, or both.

The idea should be presented at the next developers meeting for decision on
syntax.

I would like to schedule our next implementer meeting. Matz, when do
you have free time? Last time, I think we did a Saturday morning (JST)
so that mame could attend. May I suggest July 13th, 7am or 8am (JST)?

When we figure out a date, I'll make a wiki page and "official"
announcement.

P.S. sorry for not scheduling this sooner. I'll try to figure out how I
can be more productive. orz.